Everything posted by dragonnette
-
Startup problem
dragonnette replied to dragonnette's topic in Malware analysis and removal
Hello, I right-clicked on drive C, Format; a message asks me to insert the Windows installation CD. It is the one that was supplied; I also tried with another CD and it is the same problem: the installation starts, the message appears and it keeps loading the installation, then a black screen with a small square blinking at the top left, and nothing happens; I have to switch off directly on the PC. I did not find any updates for the graphics card, and in safe mode the device status is not available. I can't find my card on http://www.touslesdrivers.com/. Could it come from the motherboard, or from the battery being dead? Yesterday Windows started normally (a message appeared saying it could not find, I no longer know what... oops, I did not pay attention to what it said, I thought it was working again... big mistake...) and then a restart in safe mode?????? All this is complicated -
Startup problem
dragonnette replied to dragonnette's topic in Malware analysis and removal
Hello, I can only start in safe mode with networking. I did a selective startup... it changes nothing. I get this kind of message when I want to format, repair or reinstall Windows: "update option not available, could not load, file not found I:\i386\WINNTUPGNETUPGRDDLL" "root window sysrem32/haldll missing or damaged". Use Memtest: it did not work... Update your graphics drivers. Where is that done?? There you go!! Not easy, all this!!!!!!! -
Hello, I tried to repair with - a restore to another date - with the installation CD, and nothing changed. I am attaching this report; perhaps you will be able to help me. Thanks in advance
-
Formatting and viruses
dragonnette replied to dragonnette's topic in Malware analysis and removal
Yes, I have already formatted, but that was done directly on the computer... just wait for it to finish, and then I reinstalled with the CD supplied at purchase, and the antivirus. I find that reinstalling the antivirus is the trickier part, because there are certain boxes to tick, and if you don't know (like me) what they correspond to... that can cause problems!! My friend has a computer handed down in his family, rather old, very little memory, Windows 98 and a home-burned CD, but since he doesn't have the numbers he can't reinstall. Otherwise it starts, but lots of windows open with various warnings, and others saying it is infected; after half an hour he manages to close everything! But he can't do anything!! But never mind, I think it is going in the bin! What I mainly wanted to know is whether formatting was enough to remove viruses. Thank you -
Formatting and viruses
dragonnette replied to dragonnette's topic in Malware analysis and removal
So he just has to insert his CD and follow the instructions; that's formatting, if I understood correctly -
Formatting and viruses
dragonnette replied to dragonnette's topic in Malware analysis and removal
Actually it's not at my place, it's a friend; he can't do anything any more, not even format anyway! He is thinking of reinstalling Windows with his CD; will that remove these viruses? He must have caught it with eMule -
Hello, I wanted to know whether formatting could remove a virus? Thanks in advance
-
Ads appearing
dragonnette replied to dragonnette's topic in Malware analysis and removal
Hello, I ran a scan again because from time to time I get ads. Should I run lopsd again with option 2? Thanks in advance -
Ads appearing
dragonnette replied to dragonnette's topic in Malware analysis and removal
I think I used option 1... but anyway... the ads are gone, that's the main thing, and thanks for the help -
Ads appearing
dragonnette replied to dragonnette's topic in Malware analysis and removal
Otherwise, I removed the Messenger Live sponsors (which my son had installed); maybe that is enough. For the moment I have no more ads -
Ads appearing
dragonnette replied to dragonnette's topic in Malware analysis and removal
--------------------\\ Lop S&D 4.2.4-6 XP/Vista
I also wanted to ask you how to keep my name from appearing in the reports? Thanks for your help -
ads appearing
dragonnette replied to a topic by dragonnette in Malware analysis and removal
Logfile of random's system information tool 1.04 (written by random/random)
C:\WINDOWS\$NtUninstallKB956391$ 2008-10-15 13:08:25 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-10-15 13:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-10-15 13:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-09-28 18:06:03 ----D---- C:\Program Files\PeerCast ======List of files/folders modified in the last 1 months====== 2008-10-22 21:05:59 ----D---- C:\WINDOWS\Prefetch 2008-10-22 19:23:52 ----D---- C:\WINDOWS\Temp 2008-10-22 19:23:46 ----D---- C:\WINDOWS 2008-10-22 19:23:41 ----D---- C:\WINDOWS\system32 2008-10-22 15:56:32 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-10-22 15:43:24 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-10-22 15:43:23 ----D---- C:\Program Files\Spybot - Search & Destroy 2008-10-22 14:43:28 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater 2008-10-22 14:39:27 ----D---- C:\Program Files\Mozilla Firefox 2008-10-22 14:28:01 ----SHD---- C:\RECYCLER 2008-10-22 13:07:30 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-10-22 12:57:11 ----D---- C:\WINDOWS\system32\CatRoot2 2008-10-21 19:12:36 ----SD---- C:\WINDOWS\Tasks 2008-10-21 19:12:01 ----AD---- C:\Program Files 2008-10-21 19:11:47 ----D---- C:\Program Files\MSN Messenger 2008-10-21 19:11:47 ----D---- C:\Program Files\Messenger Plus! 
Live 2008-10-20 09:11:59 ----RSD---- C:\WINDOWS\assembly 2008-10-20 09:11:37 ----SHD---- C:\WINDOWS\Installer 2008-10-20 09:11:37 ----D---- C:\Config.Msi 2008-10-20 09:11:34 ----D---- C:\WINDOWS\WinSxS 2008-10-20 09:11:34 ----D---- C:\Program Files\Paint.NET 2008-10-20 09:04:51 ----D---- C:\WINDOWS\Debug 2008-10-16 13:19:52 ----A---- C:\WINDOWS\NeroDigital.ini 2008-10-15 21:07:24 ----D---- C:\Program Files\FXhome EffectsLab Pro 2008-10-15 15:44:37 ----D---- C:\WINDOWS\network diagnostic 2008-10-15 15:32:17 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-10-15 15:24:56 ----D---- C:\WINDOWS\system32\Adobe 2008-10-15 15:24:56 ----D---- C:\Program Files\Fichiers communs\Adobe 2008-10-15 14:34:49 ----D---- C:\Program Files\epson 2008-10-15 14:34:48 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-15 14:02:17 ----HD---- C:\WINDOWS\inf 2008-10-15 13:59:58 ----D---- C:\Documents and Settings\autin joelle\Application Data\Help 2008-10-15 13:08:34 ----D---- C:\WINDOWS\system32\drivers 2008-10-15 13:08:32 ----HD---- C:\WINDOWS\$hf_mig$ 2008-10-15 13:08:09 ----D---- C:\Program Files\Internet Explorer 2008-10-15 13:07:45 ----A---- C:\WINDOWS\win.ini 2008-10-07 21:19:40 ----A---- C:\WINDOWS\system32\MRT.exe 2008-10-03 19:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424] R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968] R2 INO_FLTR;INO_FLTR; \??\C:\WINDOWS\system32\Drivers\ino_fltr.sys [] R2 Machnm32;Machnm32 Driver; \??\C:\WINDOWS\System32\Machnm32.sys [] R3 3xHybrid;Pinnacle PCTV Stereo service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-02-09 985088] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-03-25 2314560] R3 Arp1394;Protocole client ARP 1394; 
C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2003-11-28 11264] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-25 872960] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016] R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-02-24 33408] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-02-24 12928] R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152] R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-08-20 548952] R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-07-02 39348] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; 
C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976] S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704] S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312] S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488] S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-10-29 32000] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-07-02 167384] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-10-30 47360] S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug; C:\WINDOWS\System32\Drivers\PMUSB.sys [2004-11-25 18944] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SlNtHal;SlNtHal; 
C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-07-02 86128] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 atapi;atapi; C:\WINDOWS\system32\drivers\atapi.sys [2008-04-13 96512] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-25 425984] R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376] R2 CA_LIC_CLNT;CA License Client; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2003-10-13 143360] R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-21 168432] R2 InoRPC;Serveur RPC eTrust Antivirus; C:\Program Files\CA\eTrust Antivirus\InoRpc.exe [2004-06-26 139536] R2 
InoRT;Serveur eTrust Antivirus Temps réel; C:\Program Files\CA\eTrust Antivirus\InoRT.exe [2004-06-26 241936] R2 InoTask;Serveur de jobs eTrust Antivirus; C:\Program Files\CA\eTrust Antivirus\InoTask.exe [2004-06-26 254224] R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248] R2 LVCOMSer;LVCOMSer; C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904] R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848] R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2002-12-17 7520337] R2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [2004-10-29 45056] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S2 InoNmSrv;Serveur Admin eTrust Antivirus; C:\Program Files\CA\eTrust Antivirus\InoNmSrv.exe [2004-06-26 344336] S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848] S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 CA_LIC_SRVR;CA License Server; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2003-04-07 151552] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752] S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104] S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112] S3 
ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-10-29 86016] S3 ServiceLayer;ServiceLayer; C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080] S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2002-12-17 311872] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF----------------- Logfile of random's system information tool 1.04 (written by random/random) Run by autin joelle at 2008-10-22 21:05:59 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 96 GB (50%) free of 191 GB Total RAM: 1023 MB (53% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:06:04, on 22/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe C:\Program Files\CA\eTrust Antivirus\InoRT.exe C:\Program Files\CA\eTrust Antivirus\InoTask.exe C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\autin joelle\Bureau\RSIT.exe C:\Program Files\Trend Micro\HijackThis\autin joelle.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! 
Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Windowjugs] C:\DOCUME~1\AUTINJ~1\APPLIC~1\EQLIST~1\Move Mapi Save.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra 
context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - 
http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/NET/Import/ImageUploader4.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/up...er_v2.2.0.2.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Serveur Admin eTrust Antivirus (InoNmSrv) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoNmSrv.exe O23 - Service: Serveur RPC eTrust Antivirus (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe O23 - Service: Serveur eTrust Antivirus Temps réel (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe O23 - Service: Serveur de jobs eTrust Antivirus (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. 
- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O24 - Desktop Component 0: ElÚment crÚÚ par Ulead GIF Animator - C:\WINDOWS\system32\gaadi001.gif -- End of file - 11285 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\ABDB46B39188FE3F.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Maintenance en 1 clic.job C:\WINDOWS\tasks\Norton Security Scan.job C:\WINDOWS\tasks\User_Feed_Synchronization-{8AB8951B-7936-40C6-9E66-EEDF2C07A808}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
-
Hello, I have ads popping up (ad revolver, right media, etc... often CID???). If anyone can help me, the HijackThis scan is attached. Thanks in advance.
-
Hello, no, I don't have any problems, it's just a bit slow. Thanks for your help.
-
RE: so it's fine, since I launched the check with correction if there are errors!
-
Hello, otherwise I went into the properties of local disk (C:): Tools, Error checking. It says: "this option will check the volume". Is that valid?
-
Boot options are set correctly? Already with just that, I don't know what the settings are or where they are found.
-
This seems very complicated to me, I don't understand anything about what I'm going to do. If I make a mistake... what will the consequences be?
-
Hello, I think this is it... indeed it is very long! And incomprehensible to me.
02/07/2007 14:44 941 688 asquared.ocx 07/12/2004 17:07 32 bdcore.dll 25/05/2006 01:21 118 784 bdupd.dll 22/04/2007 21:57 65 desktop.ini 26/07/2007 15:03 214 DivXPlugin.inf 25/07/2002 16:13 24 576 dwusplay.dll 25/07/2002 16:13 196 608 dwusplay.exe 23/03/2007 11:17 1 292 erma.inf 22/11/2006 22:22 372 736 GAME_UNO1.dll 22/11/2006 19:50 316 GAME_UNO1.INF 28/06/2007 14:18 907 GoPetsWeb.inf 29/06/2007 22:34 448 024 GoPetsWeb.ocx 14/02/2007 17:44 378 ImageUploader4.inf 14/02/2007 17:44 2 557 752 ImageUploader4.ocx 25/05/2006 01:21 53 248 ipsupd.dll 25/07/2002 16:05 172 032 isusweb.dll 25/09/2007 01:33 1 055 jinstall-6u3.inf 07/01/2007 12:55 2 305 kavwebscan.inf 16/03/2005 12:34 7 407 lang.ini 08/10/2007 20:21 367 LegitCheckControl.inf 07/12/2004 17:07 32 libfn.dll 14/03/2005 14:38 126 live.ini 22/02/2007 22:41 304 544 MessengerStatsPAClient.dll 28/02/2007 13:21 131 472 msgrchkr.dll 20/06/2006 14:44 379 704 MsnPUpld.dll 19/06/2006 13:40 393 MsnPUpld.inf 15/11/2006 22:42 1 461 MusicManager.inf 24/03/2007 15:40 63 056 MusicManagerUnInstaller.exe 28/02/2007 19:24 361 OGAControl.inf 29/10/2007 16:45 1 244 oscan8.inf 25/10/2007 16:54 471 040 oscan8.ocx 20/06/2006 14:44 117 560 PURen-us.dll 09/01/2007 07:30 110 592 PURfr-fr.dll 14/03/2005 14:58 7 073 scanoptions.tsi 14/02/2007 15:30 144 setup.inf 28/02/2007 13:21 142 248 SolitaireShowdown.dll 07/02/2007 18:35 1 068 272 uploader_uni.ocx 19/02/2007 10:26 159 128 ZIntro.ocx 38 fichier(s) 7 858 236 octets Total des fichiers listés : 38 fichier(s) 7 858 236 octets 2 Rép(s) 68 828 536 832 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. 
Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Pinnacle\\MediaCenter\\PMC.exe"="C:\\Program Files\\Pinnacle\\MediaCenter\\PMC.exe:LocalSubNet:Enabled:Pmc.exe" "C:\\Program Files\\Pinnacle\\MediaCenter\\PmcSettings.exe"="C:\\Program Files\\Pinnacle\\MediaCenter\\PmcSettings.exe:LocalSubNet:Enabled:pmcsettings.exe" "C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"="C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe" "C:\\Program Files\\Pinnacle\\MediaCenter\\EpgSpoolerSrv.exe"="C:\\Program Files\\Pinnacle\\MediaCenter\\EpgSpoolerSrv.exe:LocalSubNet:Enabled:EpgSpoolerSrv.exe" "C:\\Program Files\\Pinnacle\\MediaCenter\\tvtvWizard.exe"="C:\\Program Files\\Pinnacle\\MediaCenter\\tvtvWizard.exe:LocalSubNet:Enabled:tvtvWizard.exe" "C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaServer\\PMSInstallInit.exe"="C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaServer\\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaCenterService\\PMC.Service.Main.exe"="C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaCenterService\\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService" "C:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe"="C:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe:*:Enabled:Far Cry" "C:\\Program 
Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III" "C:\\Program Files\\Warcraft III\\War3.exe"="C:\\Program Files\\Warcraft III\\War3.exe:*:Enabled:Warcraft III" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-27 14:46:11 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... 
scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 160 - ctfmon.exe 176 - GoogleToolbarNo 248 - guard.exe 308 - firefox.exe 460 - InoRpc.exe 476 - InoRT.exe 520 - InoTask.exe 696 - csrss.exe 732 - winlogon.exe 776 - services.exe 788 - lsass.exe 900 - sqlservr.exe 960 - svchost.exe 1028 - svchost.exe 1120 - svchost.exe 1176 - svchost.exe 1204 - svchost.exe 1300 - sp_rsser.exe 1496 - spoolsv.exe 1544 - SpywareTerminat 1908 - explorer.exe 2016 - Realmon.exe 2160 - PMSHost.exe 3064 - alg.exe 3948 - cmd.exe Total number of processes = 26 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806CE000 - \WINDOWS\system32\hal.dll F7ADC000 - \WINDOWS\system32\KDCOM.DLL F79EC000 - \WINDOWS\system32\BOOTVID.dll F74AC000 - ACPI.sys F7ADE000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS F749B000 - pci.sys F75DC000 - isapnp.sys F75EC000 - ohci1394.sys F75FC000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS F7AE0000 - avgarkt.sys F760C000 - MountMgr.sys F747C000 - ftdisk.sys F785C000 - PartMgr.sys F761C000 - VolSnap.sys F7466000 - nvatabus.sys F762C000 - disk.sys F763C000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS F7446000 - fltMgr.sys F7434000 - sr.sys F7864000 - ino_flpy.sys F764C000 - PxHelp20.sys F741D000 - KSecDD.sys F7390000 - Ntfs.sys F7363000 - NDIS.sys F79F0000 - RecAgent.sys F786C000 - nvcchflt.sys F7348000 - Mup.sys F767C000 - \SystemRoot\system32\DRIVERS\nic1394.sys F772C000 - \SystemRoot\system32\DRIVERS\AmdK8.sys F7964000 - \SystemRoot\system32\DRIVERS\usbohci.sys F60EA000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS F796C000 - \SystemRoot\system32\DRIVERS\usbehci.sys F5EB4000 - \SystemRoot\system32\drivers\ALCXWDM.SYS F5E90000 - \SystemRoot\system32\drivers\portcls.sys 
F774C000 - \SystemRoot\system32\drivers\drmk.sys F5E6D000 - \SystemRoot\system32\drivers\ks.sys F775C000 - \SystemRoot\system32\DRIVERS\imapi.sys F7974000 - \SystemRoot\system32\drivers\ASAPIW2k.sys F776C000 - \SystemRoot\system32\DRIVERS\cdrom.sys F777C000 - \SystemRoot\system32\DRIVERS\redbook.sys F797C000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys F5E19000 - \SystemRoot\system32\DRIVERS\slntamr.sys F7984000 - \SystemRoot\system32\DRIVERS\SlWdmSup.sys F5DFB000 - \SystemRoot\system32\DRIVERS\Mtlmnt5.sys F798C000 - \SystemRoot\System32\Drivers\Modem.SYS F5D0A000 - \SystemRoot\system32\DRIVERS\3xHybrid.sys F7300000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS F7A64000 - \SystemRoot\system32\DRIVERS\nvnetbus.sys F5CCA000 - \SystemRoot\system32\DRIVERS\NVNRM.SYS F5C97000 - \SystemRoot\system32\DRIVERS\NVSNPU.SYS F5BB6000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys F5BA2000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F7994000 - \SystemRoot\system32\DRIVERS\fdc.sys F5B91000 - \SystemRoot\system32\DRIVERS\serial.sys F7A6C000 - \SystemRoot\system32\DRIVERS\serenum.sys F5B7D000 - \SystemRoot\system32\DRIVERS\parport.sys F6A14000 - \SystemRoot\system32\DRIVERS\i8042prt.sys F799C000 - \SystemRoot\system32\DRIVERS\kbdclass.sys F7CAD000 - \SystemRoot\system32\DRIVERS\audstub.sys F69C4000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys F7A98000 - \SystemRoot\system32\DRIVERS\ndistapi.sys F5766000 - \SystemRoot\system32\DRIVERS\ndiswan.sys F69B4000 - \SystemRoot\system32\DRIVERS\raspppoe.sys F69A4000 - \SystemRoot\system32\DRIVERS\raspptp.sys F789C000 - \SystemRoot\system32\DRIVERS\TDI.SYS F5755000 - \SystemRoot\system32\DRIVERS\psched.sys F6994000 - \SystemRoot\system32\DRIVERS\msgpc.sys F78A4000 - \SystemRoot\system32\DRIVERS\ptilink.sys F78AC000 - \SystemRoot\system32\DRIVERS\raspti.sys F778C000 - \SystemRoot\system32\DRIVERS\termdd.sys F78B4000 - \SystemRoot\system32\DRIVERS\mouclass.sys F7B50000 - \SystemRoot\system32\DRIVERS\swenum.sys F5721000 - 
\SystemRoot\system32\DRIVERS\update.sys F7AA0000 - \SystemRoot\system32\DRIVERS\mssmbios.sys F28AE000 - \SystemRoot\System32\Drivers\NDProxy.SYS F289E000 - \SystemRoot\system32\DRIVERS\usbhub.sys F0779000 - \SystemRoot\system32\DRIVERS\USBD.SYS EF1DA000 - \SystemRoot\system32\drivers\MODEMCSA.sys EE088000 - \SystemRoot\system32\DRIVERS\NVENETFD.sys EC480000 - \SystemRoot\system32\DRIVERS\flpydisk.sys F0777000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS EBF24000 - \SystemRoot\System32\Drivers\Null.SYS F0775000 - \SystemRoot\System32\Drivers\Beep.SYS EBF23000 - \SystemRoot\System32\DRIVERS\AvgArCln.sys EF1CE000 - \SystemRoot\system32\DRIVERS\hidusb.sys EE058000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS EC470000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS EC138000 - \SystemRoot\system32\DRIVERS\usbccgp.sys EC130000 - \SystemRoot\System32\drivers\vga.sys F0773000 - \SystemRoot\System32\Drivers\mnmdd.SYS F0771000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys EC128000 - \SystemRoot\System32\Drivers\Msfs.SYS EC120000 - \SystemRoot\System32\Drivers\Npfs.SYS EE8C1000 - \SystemRoot\system32\DRIVERS\rasacd.sys B2F7D000 - \SystemRoot\system32\DRIVERS\ipsec.sys B2F25000 - \SystemRoot\system32\DRIVERS\tcpip.sys B2EFD000 - \SystemRoot\system32\DRIVERS\netbt.sys B2EDB000 - \SystemRoot\System32\drivers\afd.sys EBFC5000 - \SystemRoot\system32\DRIVERS\netbios.sys B2EB9000 - \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys B2E8E000 - \SystemRoot\system32\DRIVERS\rdbss.sys B2DF7000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys EBFA5000 - \SystemRoot\System32\Drivers\Fips.SYS B2DD6000 - \SystemRoot\system32\DRIVERS\ipnat.sys EBF95000 - \SystemRoot\system32\DRIVERS\wanarp.sys EBF85000 - \SystemRoot\system32\DRIVERS\arp1394.sys EC110000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS EBFEF000 - \SystemRoot\system32\DRIVERS\mouhid.sys B2964000 - \SystemRoot\system32\drivers\lvusbsta.sys B23AA000 - \SystemRoot\system32\DRIVERS\LVCM.sys B218F000 - \SystemRoot\system32\DRIVERS\lvsvf2.sys B2954000 - 
\SystemRoot\system32\DRIVERS\STREAM.SYS AF645000 - \SystemRoot\system32\drivers\usbaudio.sys AF625000 - \SystemRoot\System32\Drivers\Cdfs.SYS ADAC1000 - \SystemRoot\System32\Drivers\dump_nvatabus.sys F7B8C000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys AF8CB000 - \SystemRoot\System32\drivers\Dxapi.sys F4A90000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys B2533000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\ati2dvag.dll BFA0F000 - \SystemRoot\System32\ati2cqag.dll BFA4C000 - \SystemRoot\System32\ati3duag.dll BFC7F000 - \SystemRoot\System32\ativvaxx.dll ABA9B000 - \??\C:\WINDOWS\system32\Drivers\ino_fltr.sys F7ABC000 - \SystemRoot\system32\DRIVERS\ndisuio.sys ABA86000 - \SystemRoot\system32\drivers\wdmaud.sys ADC22000 - \SystemRoot\system32\drivers\sysaudio.sys AB8A2000 - \SystemRoot\system32\DRIVERS\mrxdav.sys B29FD000 - \SystemRoot\System32\Drivers\ParVdm.SYS AB788000 - \SystemRoot\system32\DRIVERS\srv.sys AE230000 - \SystemRoot\system32\DRIVERS\secdrv.sys AB2E7000 - \SystemRoot\System32\Drivers\HTTP.sys AB044000 - \SystemRoot\System32\Drivers\Fastfat.SYS BFFA0000 - \SystemRoot\System32\ATMFD.DLL B26DA000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 138 Liste des programmes installes Abrosoft FantaMorph 4.0 Ad-Aware SE Personal Adobe Flash Player ActiveX Adobe Flash Player Plugin Adobe Reader 8.1.2 - Français Adobe Shockwave Player ArcSoft Panorama Maker 3 Assistant de connexion Windows Live ATI Control Panel ATI Display Driver Audacity 1.2.6 AVG Anti-Rootkit Free AVG Anti-Spyware 7.5 AVS DVDMenu Editor 1.2.1.19 AVS Video Tools 5.6 Bink and Smacker Blacksmith3D-Suite 3.0 CA eTrust Antivirus CA Licensing CCleaner (remove only) Correctif pour Lecteur Windows Media 11 (KB939683) Correctif pour Windows XP (KB914440) Correctif Windows XP - KB834707 Correctif Windows XP - KB887472 Correctif Windows XP - KB888302 Correctif Windows 
XP - KB890859 Correctif Windows XP - KB891781 DivX Content Uploader DivX Web Player DVD Shrink 3.2 EPSON CardMonitor EPSON Copy Utility 3 EPSON Logiciel imprimante EPSON PhotoQuicker3.5 EPSON PhotoStarter3.1 EPSON PRINT Image Framer Tool2.1 EPSON Scan EPSON Smart Panel EPSON Web-To-Page ESCX3600 Guide de réf. ESCX3600 Guide des logiciels Far Cry Far Cry Far Cry (Patch 1.3) Far Cry (Patch 1.31) Far Cry (Patch 1.33) Far Cry (Patch 1.4) Galerie de photos Windows Live Gimp pour Windows Google Earth Google Toolbar for Internet Explorer HijackThis 2.0.2 Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB926239) iTunes Java 6 Update 3 Kaspersky Online Scanner Kit d´impression d´étiquettes Lame ACM MP3 Codec Lecteur Windows Media 11 Logiciel QuickCam de Logitech Logitech Desktop Messenger Logitech Print Service Messenger Plus! Live Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Excel Viewer 2003 Microsoft Office Professional Edition 2003 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Desktop Engine (PINNACLESYS) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft XML Parser Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet 
Explorer 7 (KB931768) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP 
(KB920685) Mise à jour de sécurité pour Windows XP (KB921503) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928090) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933729) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour de sécurité pour Windows XP (KB941202) Mise à jour de sécurité pour Windows XP (KB941568) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB941644) Mise à jour de sécurité pour Windows XP (KB943055) Mise à jour de sécurité pour Windows XP (KB943460) Mise à jour de sécurité pour Windows XP (KB943485) Mise à jour de sécurité pour Windows XP (KB944653) Mise à jour de sécurité pour Windows XP (KB946026) Mise à jour pour Windows XP (KB894391) Mise à jour 
pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Mise à jour pour Windows XP (KB933360) Mise à jour pour Windows XP (KB938828) Mise à jour pour Windows XP (KB942763) Mozilla Firefox (2.0.0.13) MSN MSXML 4.0 SP2 (KB936181) Need for Speed™ Carbon Nero Suite neroxml Neuf - Kit de connexion Nikon FotoShare Nikon Message Center Nokia Connectivity Cable Driver Nokia PC Connectivity Solution Nokia PC Suite NVIDIA Drivers Orange Plug-in messagerie vocale 888 Paint.NET v3.22 PhotoBox 3.2.4 PhotoFiltre Picasa 2 PictureProject PIF DESIGNER2.1 Pinnacle MediaCenter Pinnacle MediaServer Programme de gestion Camera de Logitech® project dogwaffle QuickTime RealPlayer ScanToWeb Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update pour Microsoft .NET Framework 2.0 (KB928365) Smart Link 56K Modem Spelling Dictionaries Support For Adobe Reader 8 Spybot - Search & Destroy 1.5.2.20 Spyware Terminator SWF Live Preview 1.0 (Build 1.0.2.27) Swiff Player 1.1 TerraExplorer threeball screensaver Ulead GIF Animator 5 Evaluation Uniblue ProcessScanner Uniblue RegistryBooster 2 VCRedistSetup VirtualDub 1.6.9 Fr VirtualDubMOD 1.5.10.2 b2540 Fr WebFldrs XP Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21) Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live installer Windows Live Messenger Windows Live Writer Windows Media Format 11 runtime Windows Media 
Format 11 runtime Windows Media Player 11 WinPcap 3.1 beta4 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est C889-F9B2 Répertoire de C:\Program Files 19/03/2008 15:20 <REP> . 19/03/2008 15:20 <REP> .. 16/01/2008 18:59 <REP> Abrosoft 02/04/2007 23:15 <REP> Acro Software 13/02/2008 10:03 <REP> Adobe 11/01/2008 15:31 <REP> Ahead 27/05/2007 19:50 <REP> ArcSoft 26/03/2007 23:30 <REP> Audacity 29/02/2008 14:41 14 113 576 avgas-setup-7.5.1.43-3339.exe 16/05/2007 11:50 <REP> AviSynth 2.5 12/11/2007 00:46 <REP> AVS4YOU 11/12/2007 16:58 <REP> AVSMedia 11/12/2007 16:57 58 903 352 AVSVideoTools.exe 05/01/2008 22:11 <REP> Blacksmith3D-Suite 3.0 23/12/2007 20:20 232 956 BumpMap.zip 17/03/2007 17:22 <REP> CA 05/04/2007 12:00 <REP> CCleaner 23/12/2007 20:13 425 557 CollerDedans.zip 17/03/2007 16:36 <REP> ComPlus Applications 23/12/2007 20:15 337 474 Contour.zip 23/12/2007 20:16 408 752 Corne.zip 28/01/2008 00:04 <REP> DAZ 23/12/2007 20:21 267 744 Deformation.zip 23/12/2007 20:22 338 208 Degrade.zip 23/12/2007 20:18 180 444 dexfx.zip 23/12/2007 20:22 9 387 DiffusionNB.zip 17/09/2007 19:52 <REP> DIFX 20/09/2007 15:51 <REP> DivX 31/12/2007 19:55 <REP> Dj_show 09/12/2007 22:04 <REP> dogwaffle 22/11/2007 20:21 <REP> DVD Shrink 05/06/2007 13:27 <REP> Elaborate Bytes 03/01/2008 22:24 <REP> Electronic Arts 13/07/2007 21:26 <REP> Eltima Software 01/01/2008 15:11 262 544 emoticones.exe 20/03/2007 09:03 <REP> epson 29/02/2008 15:00 153 144 ewido_micro.exe 16/01/2008 11:25 <REP> Fichiers communs 11/12/2007 16:14 5 843 256 Firefox Setup 2.0.0.11.exe 23/12/2007 20:25 270 910 Fisheye.zip 23/12/2007 20:23 311 270 FonVisu.zip 09/12/2007 22:08 <REP> Gimp 14/07/2007 07:57 <REP> GlobFX Technologies 20/05/2007 19:39 <REP> Google 23/12/2007 20:24 265 997 Gravure.zip 24/01/2008 09:17 <REP> Grisoft 23/12/2007 20:11 255 287 ImpGifAnim.zip 09/03/2008 09:00 <REP> Incomplete 13/02/2008 11:13 <REP> Internet Explorer 24/03/2007 22:15 <REP> iPod 24/03/2007 22:15 <REP> iTunes 
16/01/2008 11:25 <REP> Java 31/12/2007 20:26 <REP> KaraFun 31/12/2007 19:45 2 373 533 KARAOKe MKMSetup-v19000.exe 22/11/2007 21:25 <REP> Kate's Video Converter 03/04/2007 13:04 <REP> Lavasoft 23/12/2007 20:25 251 410 Lentille.zip 20/03/2007 10:26 <REP> Logitech 29/06/2007 19:32 <REP> Macrogaming 22/01/2008 19:23 <REP> Messenger Plus! Live 29/06/2007 19:55 <REP> Microsoft CAPICOM 2.1.0.2 17/03/2007 16:40 <REP> microsoft frontpage 13/05/2007 12:12 <REP> Microsoft Office 17/03/2007 17:59 <REP> Microsoft SQL Server 01/01/2008 15:06 <REP> Microsoft SQL Server Compact Edition 13/05/2007 12:11 <REP> Microsoft.NET 23/12/2007 20:09 216 717 Miroir.zip 19/03/2008 16:32 <REP> Mosaic Deluxe 17/03/2007 16:36 <REP> Movie Maker 27/03/2008 14:42 <REP> Mozilla Firefox 17/03/2007 17:31 <REP> MSN 30/09/2007 00:46 <REP> MSN Games 17/03/2007 16:35 <REP> MSN Gaming Zone 30/12/2007 15:09 <REP> MSXML 4.0 15/01/2008 18:41 <REP> Navilog1 11/01/2008 15:20 <REP> Nero 12/07/2007 20:01 <REP> NetMeeting 16/05/2007 11:01 <REP> Neuf 27/05/2007 19:52 <REP> Nikon 17/09/2007 19:52 <REP> Nokia 01/10/2007 18:05 <REP> NStorm 29/06/2007 19:50 <REP> Online Services 11/01/2008 13:11 <REP> Orange 13/06/2007 07:03 <REP> Outlook Express 24/03/2008 14:29 <REP> Paint.NET 08/01/2008 09:39 21 306 051 PC_DAZStudio_1_8_1_5.exe 23/12/2007 19:56 1 658 048 pf-setupphotophiltre.exe 23/12/2007 10:08 8 292 865 pfs-setup.exe 04/11/2007 22:02 <REP> PhotoBox 08/02/2008 13:21 <REP> PhotoFiltre 31/12/2007 19:10 2 260 619 pianovirtuel.exe 05/12/2007 13:57 <REP> Picasa2 17/03/2007 17:59 <REP> Pinnacle 24/12/2007 11:32 379 434 pm_neiges.zip 29/08/2007 15:36 <REP> printFIT 31/01/2008 10:26 923 280 processscanner.exe 23/12/2007 10:31 <REP> project dogwaffle 09/12/2007 22:03 4 558 273 project-dogwaffle_project_dogwaffle_1.2_anglais_10637.exe 06/07/2007 09:57 <REP> QuickTime 30/10/2007 16:07 <REP> RADVideo 23/12/2007 20:19 200 473 rasterize.zip 27/07/2007 09:13 <REP> Real 01/10/2007 18:06 <REP> ReflexiveArcade 30/03/2007 11:26 <REP> 
RegCleaner 28/04/2007 11:02 774 144 RngInterstitial.dll 23/12/2007 20:24 12 424 RVBFantaisie.zip 17/03/2007 16:37 <REP> Services en ligne 31/12/2007 18:54 1 460 857 setup-trivialSVT.exe 20/12/2007 20:31 <REP> Skyline 20/03/2007 09:30 <REP> Smart Panel 03/10/2007 09:57 <REP> Spybot - Search & Destroy 27/03/2008 14:41 <REP> Spyware Terminator 29/02/2008 15:06 10 067 136 SpywareTerminatorSetup.exe 23/12/2007 20:17 270 029 Text2Path.zip 17/05/2007 12:28 <REP> ToniArts 14/01/2008 09:43 <REP> Trend Micro 21/06/2007 20:19 <REP> TurboDemo 7.5 Essai 22/09/2007 12:15 <REP> Ubisoft 22/06/2007 06:38 <REP> Ulead Systems 21/06/2007 15:45 <REP> UnFREEz 26/12/2007 13:03 110 651 unfreezfr.exe 31/01/2008 10:34 <REP> Uniblue 10/10/2007 16:06 <REP> VCW VicMan's Photo Editor 27/03/2007 16:59 <REP> VirtualDub 30/10/2007 12:20 <REP> VirtualDubMOD 07/11/2007 19:57 <REP> Warcraft III 27/03/2008 14:41 <REP> WinClamAVShield 01/01/2008 15:08 <REP> Windows Live 29/06/2007 20:02 <REP> Windows Live Toolbar 29/06/2007 16:29 <REP> Windows Media Connect 2 25/03/2007 00:03 <REP> Windows Media Player 29/06/2007 19:50 <REP> Windows NT 13/01/2008 23:34 5 154 304 WindowsDefender.msi 24/05/2007 16:49 <REP> WinPcap 17/03/2007 16:40 <REP> xerox 05/04/2007 12:34 <REP> Yahoo! 35 fichier(s) 142 850 106 octets 101 Rép(s) 68 811 030 528 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est C889-F9B2 Répertoire de C:\Program Files\fichiers communs 16/01/2008 11:25 <REP> . 16/01/2008 11:25 <REP> .. 
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_JOELLE.tar.gz a l'adresse http://upload.malekal.com
-
Otherwise, I ran the tests on malekal's site to check security and the firewall; all the tests are good, so I shouldn't be infected!! If those tests are reliable, that is, but I think so; it looks serious.
-
In any case I don't understand; it has finally stopped (the noise the PC makes when it is searching, when you open or run something). No, I don't know what this is: https://secure.gopetslive.com/dev/GoPetsWeb.cab ? It's true that I installed another antivirus; I'll remove it. And as a firewall, what is best? There, I hope this is the right thing!
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-27 14:46:11
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
-
No, I don't need to open anything; it is continuously searching.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:06:15, on 27/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
-
I think I've caught something again; my PC is still searching, it keeps running... I don't really know how to explain it to you, but anyway... if anyone understands, please help me.
-
infected, solved
dragonnette replied to a topic by dragonnette in Analyses et éradication malwares
Hello Gof, I'd like your opinion: I just installed Spyware Terminator; is it a good choice? Otherwise, it's impossible to get to MALEKAL's site:
-
Hello, I have a problem: my PC gets stuck in security mode as soon as it's switched on. Could someone tell me whether it's a serious fault? It's under warranty; I took it to after-sales service, but I'd like an outside opinion. Thanks in advance.